QotW: Alex on stupid, stupid security schemes

Casting a geek eye on l’affaire Wikileaks, Alex finds time to rant about Mastercard SecureCode:

hat a horrible idea Mastercard SecureCode (and its pal Verified by Visa) is. I already hated it before this – it’s a password, that should be a strong password because it’s financial, but that I don’t use that often and therefore can’t remember, and it trains you to accept the idea of typing confidential information into a random web site you didn’t ask for. Essentially all phishing requires you to type your bank details into something that you didn’t ask for. Forcing the public to type their bank details into some random website they didn’t ask for is howling insane. Right?

I like the Dutch IDEAL (sic) payment method better: pay through your own internet banking account rather than fart about with credit cards and stupid password schemes. Especially because the schemes Alex mentions allows you to actually create a new password/account everytime you use it, as long as you know your credit card details (name, card number, secure code on the back of the card). Which means it’s not actually any safer than using a credit card without Mastercard SecureCode. It’s security theatre that provides you with a false sense of security while actually not being any safer and worse, teaches you bad habits.